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DETAILED ACTION 

1. Applicant's arguments filed December 8, 2006, have been fully considered but 
they are not persuasive. 

2. Claims 1-5, 8-14, 17-21, 24-31, 33-37, 40-46, and 49-81 are pending and have 
been examined. 

3. Claims 6, 7, 15, 16, 22, 23, 32, 38, 39, 47, 48, and 82-84 have been canceled. 

Response to Amendment 

4. The objections to claims 82-84 are withdrawn. 

5. The rejection of claims 1, 8, 12, 15, 17, 24, 33, 40, 44, and 47 under 35 
U.S.C. 112, second paragraph, is withdrawn. 

6. The rejection of claims 24, 62-68 under 35 U.S.C. 101 is withdrawn. 

Continued Examination Under 37 CFR 1.114 

7. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to .37 CFR 1 . 1 1 4. 

Claim Objections 

8. Claims 42 and 72 are objected to because of the following informalities: the 
status reads "previously amended" and "previously presented", however the claims 
have been amended. Examiner interprets it was meant to be "currently amended". 
Appropriate correction is required. 
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9. Claims 59-61 and 79-81 are objected to under 37 CFR 1 .75(c) as being in 
improper dependent form because independent claims 15 and 47 from which they 
depend have been cancelled. See MPEP § 608.01 (n). Accordingly, the claims have not 
been further treated on the merits. 

Claim Rejections - 35 USC §112 

10. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

1 1 . Claims 59 and 79 rejected under 35 U.S.C. 1 12, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

Claim 59 recites the limitation "method of claim 15", claim 15 was an 
independent claim, canceled by amendment referenced above. There is insufficient 
antecedent basis for this limitation in the claim. 

Claim 79 recites the limitation "method of claim 47", claim 47 was an 
independent claim, canceled by amendment referenced above. There is insufficient 
antecedent basis for this limitation in the claim. 

Claim Rejections - 35 USC § 102 

12. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351 (a) shall have the effects for purposes of this subsection of an application filed in the United States 
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only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

13. Claims 1-5, 8-14, 17-21, 24-31, 33-37, 40-46, 49-58, and 62-78 are rejected 
under 35 U.S.C. 102(e) as being anticipated by Cheng et al. (US Patent 7,010,582, 
hereinafter Cheng). 

Regarding claims 1, 17, and 33, Cheng teaches 

- a computer-implemented method for use in a network environment including 
an enterprise server (abstract), comprising: 

- storing at the enterprise server multiple security credentials for a remote user 
to access respective secure resources residing on a network employing a 
generic application layer network protocol (col. 5, lines 40-67); 

- maintaining a map between one or more resource servers and a type of 
security credential required to access each resource server (col. 8, lines 9- 
43); 

- receiving at the enterprise server a signal representing a request from the 
remote user for a first of the secure resources, wherein the request includes a 
logon credential for the remote user (col. 6, lines 38-67); 

- determining, by referring to the map and without the intervention of the user, 
the type of security credential for the remote user that is required to access 
the first secure resource (col. 6, lines 38-67); 

- sending from the enterprise server a signal representing a second request to 
retrieve the first secure resource, the second request including a first of the 
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security credentials for the user of the type required to access the first secure 
resource (col. 6, lines 49-67, col. 7, lines 1-30); 

- receiving at the enterprise server a signal representing a first single-sign-on 
(SSO) credential generated by a first SSO provider based on the logon 
credential (col. 8, lines 9-43); 

- sending from the enterprise server a signal representing the first SSO 
credential to retrieve the first secure resource when the type of credential 
required to access the first secure resource includes the first SSO credential 
(col. 8, lines 37-67); and 

- sending from the enterprise server a signal representing the first SSO 
credential to retrieve the first secure resource when the type of credential 
required to access the first secure resource includes a second SSO credential 
corresponding to a second SSO provider having a trust relationship with the 
first SSO provider (col. 8, lines 37-67, col. 9, lines 1-60). 

Regarding claims 8, 24, and 40, Cheng teaches 

a computer-implemented method for use in a network environment 

including an enterprise server (abstract), comprising: 

storing at the enterprise server multiple security credentials for a remote 

user to access respective secure resources residing on a network 

employing a generic application layer network protocol (col. 5, lines 40- 

67); 
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maintaining a map between one or more resource servers and a type of 
security credential required to access each resource server (col. 8, lines 
9-43); 

receiving at the enterprise server a signal representing a request from 
the remote user for a first of the secure resources, wherein the request 
includes a logon credential for the remote user (col. 6, lines 38-67); 
determining, by referring to the map and without the intervention of the 
user, the type of security credential for the remote user that is required to 
access the first secure resource (col. 6, lines 38-67); 
sending from the enterprise server a signal representing a second 
request to retrieve the first secure resource, the second request including 
a first of the security credentials for the user of the type required to 
access the first secure resource (col. 6, lines 49-67, col. 7, lines 1-30); 
receiving at'the enterprise server a signal representing a first single-sign- 
on (SSO) credential generated by a first SSO provider based on the 
logon credential (col. 8, lines 9-43); 

sending from the enterprise server a signal representing the first SSO 
credential to retrieve the first secure resource when the type of credential 
required to access the first secure resource includes the first SSO 
credential (col. 8, lines 37-67); 

receiving at the enterprise server a signal representing a second SSO 
credential generated by a second SSO provider based on the first SSO 
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credential (col. 8, lines 37-67, col. 9, lines 60-67, col. 10, lines 1-52); 
and 

sending from the enterprise server a signal representing the second SSO 
credential to retrieve the first secure resource when the type of credential 
required to access the first secure resource includes the second SSO 
credential (col. 8, lines 37-67, col. 9, lines 1-60). 
Regarding claims 12 and 44, Cheng teaches 

a computer-implemented method for use in a network environment 

including an enterprise server (abstract), comprising: 

storing at the enterprise server multiple security credentials for a 

remote user to access respective secure resources residing on a network 

employing a generic application layer network protocol (col. 5, lines 40- 

67); 

maintaining a map between one or more resource servers and a type of 
security credential required to access each resource server (col. 8, lines 
9-43); 

receiving at the enterprise server a signal representing a request from a 
the remote user for a first of the secure resources, wherein the request 
includes a logon credential for the remote user (col. 6, lines 38-67); 
determining, by referring to the map and without the intervention of the 
user, the type of security credential for the remote user that is required to 
access the first secure resource (col. 6, lines 38-67); 
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sending from the enterprise server a signal representing a second 
request to retrieve the first secure resource, the second request including 
a first of the security credentials for the user of the type required to 
access the first secure resource, wherein the receiving includes receiving 
at the enterprise server a signal representing a third request from the 
remote user for a second of the secure resources residing on the 
network (col. 6, lines 49-67, col. 7, lines 1-30), 
determining, without the intervention of the user, the type of security 
credential for the remote user that is required to access the second 
secure resource (col. 6, lines 38-67, col. 8, lines 10-67); and 
sending from the enterprise server a signal representing a fourth request 
for retrieving the second secure resource, the fourth request including a 
second of the security credentials for the user of the type required to 
access the second secure resource (col. 8, lines 37-67, col. 9, lines 1- 
60); and 

wherein the signals representing the second and fourth requests are sent 
t concurrently (col. 11, lines 1-13). 
Regarding claims 2, 18, 34, 49, and 69, Cheng teaches 

authenticating the user before sending the signal representing the 

second request (col. 7, lines 24-50). 
Regarding claims 3, 19, 35, 50, and 70, Cheng teaches 
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receiving at the enterprise server a signal representing a response to the 
second request (col. 11, lines 25-55); and 

sending from the enterprise server a signal representing a result to the 
remote user, the result based on the response to the second request 
(col. 11, lines 25-55). 

Regarding claims 4, 20, 36, 51, and 71, Cheng teaches 

wherein the request includes a logon credential for the remote user, the 
method further comprising: authenticating the remote user based on the 
logon credential before sending the second request (col. 9, lines 1-37). 

Regarding claims 5 and 21, Cheng teaches 

wherein the request includes a logon credential for the remote user and 
the type of security credential required to access the first secure 
resource includes the logon credential (col. 10, lines 19-65), the method 
further comprising : 

sending the signal representing the second request to retrieve the first 
secure resource, the second request including the logon credential (col. 
9, lines 1-37). 

Regarding claims 9, 25, 41, 53, 56, 62, 73, and 76, Cheng teaches 

wherein the generic application-layer network protocol is hypertext 
transfer protocol (col. 6, lines 3-17). 

Regarding claims 10, 26, 42, 54, 57, 63, 74, and 77, Cheng teaches 
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receiving at the enterprise server a signal representing data in response 

to the second request (col. 11, lines 25-55); and 

sending from the enterprise server a signal representing at least a 

portion of the data to the remote user (col. 11, lines 55-67, col. 12, lines 

1-25). 

Regarding claims 28 and 65, Cheng teaches 

wherein the means for receiving includes means for receiving at the 
enterprise server a signal representing a third request from the remote 
user for a second secure resource residing on the network (col. 6, lines 
38-67, col. 11, lines 1-13), the apparatus further comprising: 
determining, without the intervention of the user, the type of security 
credential for the remote user that is required to access the second 
secure resource (col. 6, lines 38-67); and 

sending from the enterprise server a signal representing a fourth request 
to retrieve the second secure resource, the fourth request including a 
second of the security credentials for the user of the type required to 
access the second secure resource (col. 8, lines 37-67, col. 9, lines 1- 
60); and 

wherein the signals representing the second and fourth requests are sent 
concurrently (col. 11, lines 1-13). 
Regarding claims 31 and 68, Cheng teaches 
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receiving at the enterprise server a signal representing the first security 
credential from the user before receiving the signal representing the first 
request (col. 5, lines 40-67). 

Regarding claims 37, 52, and 72, Cheng teaches 

wherein the request includes a logon credential for the remote user and 
the type of security credential required to access the first secure 
resource includes the logon credential (col. 8, lines 37-67, col. 9, lines 
1-45), wherein the method further comprises: 
sending from the enterprise server the signal representing the second 
request to retrieve the first secure resource, the second request including 
the logon credential (col. 8, lines 37-67). 

Regarding claims 13, 29, 45, and 66, Cheng teaches 

wherein the types of security credentials included in the second and 
fourth requests differ (col. 8, lines 37-67, col. 9, lines 1-45). 

Regarding claims 14, 30, 46, and 67, Cheng teaches 

wherein the types of security credentials included in the second and 
fourth requests are the same (col. 8, lines 37-67). 

Regarding claims 11, 27, 43, 55, 58, 64, 75, and 78, Cheng teaches 

wherein the first secure resource includes a Web site, and the data is 
hypertext mark-up language (col. 6, lines 3-17, col. 11, lines 25-55). 
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Conclusion 



14. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David G. Cervetti whose telephone number is (571) 272- 
5861. The examiner can normally be reached on Monday-Friday 7:00 am - 5:00 pm, off 
on Wednesday. 

15. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nasser G. Moazzami can be reached on (571) 272-4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

16. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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